Technology Short Take 162
Published on 9 Dec 2022 · Filed in Information · 827 words (estimated 4 minutes to read)Welcome to Technology Short Take #162! It’s taken me a bit longer than I would have liked to get this post assembled, but it’s finally here. Hopefully I’ve managed to find something you’ll find useful! As usual, the links below are organized by technology area/discipline, and I’ve added a little bit of commentary to some of the links where it felt necessary. Enjoy!
Networking
- With this announcement of Cilium support within AKS, Cilium is now available in managed Kubernetes offerings across all three major cloud providers.
- Leave it to Ivan to school everyone on Ethernet encapsulations.
- This article provides a few practical examples of how using VPC Endpoints to reduce network traffic moving through NAT Gateways can help save money.
Security
- Rory McCune has a series of articles on PCI compliance in containerized and Kubernetes environments. These are worth a read if security and compliance are your jam (see here, here, here, here, here, here, and here). I suspect more are in the works, so stay tuned to his site!
- Persistent malware in ESXi hypervisor environments? Ugh! See here for more details.
- The corny (cheesy?) food references in the title of this article are almost too much. Hey, at least they’re having fun with it.
- Chris Farris shares some tips for securing GitHub organizations. The article is a tad focused on Steampipe, but there are general takeaways that I think are useful.
- This article is an interesting look at Internet scanning.
Cloud Computing/Cloud Management
- This was a neat article that came out of one of Pulumi’s recent “Pulumi Challenges.”
- Dave Hall has an article about tracking infrastructure using Terraform and AWS SSM Parameter Store.
- Jim Counts’ beginner’s guide to Pulumi CI/CD pipelines provides an overview of Pulumi and a guide on using it with Azure DevOps. (Note: this article is a couple years old, so keep that in mind—some things may have changed with both Pulumi and Azure DevOps since this article was published.)
- Engin Diri’s article on continuous cluster audit scanning with Trivy is a “two-for-one” article: you get to see some Pulumi YAML to create a Kubernetes cluster on Civo, and you get to see writing policies for the Trivy Operator. Nice.
- Ricardo Sueiras captured some great links on open source at AWS in this newsletter.
- I shared this via Twitter, but wanted to include it here because I think it’s a really cool use case. Muhammad Bhatti shares an example of using Pulumi code in an AWS Lambda to create a mechanism for running containers on-demand.
- Apparently due to the way the integration between Antrea and VMware NSX was designed, it’s possible for “stale” Antrea-enabled clusters (clusters that once existed but are no longer present/valid) to show up in the NSX UI. Bassem Rezkalla shows how to remove these stale clusters.
Operating Systems/Applications
- Curious about what a JWT is? This article from Teleport may be helpful.
- Jeff Johnson points out an obvious but I suspect often-overlooked aspect of macOS’ Full Disk Access.
- Even if you use an online service such as GitHub, GitLab, or Codeberg, you still need to ensure you have backups of your repositories. This article provides one potential solution.
- GitOps is all the rage these days (and there are valid reasons why), but I liked this article by Jim Sheldon because it discusses something more mundane yet critically important: how to structure the code in your Git repositories for GitOps. Sans the short Harness commercial at the end, I found this article to be useful.
Storage
- It would seem that macOS 13 “Ventura” has introduced some problems with USB storage; these problems crop up when working with Raspberry Pi systems.
Virtualization
- But is it really a virtual machine?
Programming
- Engin Diri has two relatively recent posts on Rust, which he’s been spending some time learning. The first is how to async/await in Rust (tackling the issue of asynchronous programming); the second is creating a gRPC-based microservice in Rust. If you’re learning Rust (or interested in learning Rust), I think these articles will be helpful to you.
Career/Soft Skills
- I really enjoyed this post on learning from the past but not living there. I think of this from a career perspective: we need to learn from our past (mistakes, jobs, opportunities, technologies), but our industry is one of change—we can’t stay in the past because we’ll be left behind.
- Matt Stratton’s presentation on the journey from DevOps to cloud engineering was one I really enjoyed (remotely/virtually, since it was presented at an event in London).
- I agree with Marc—write more.
This will likely be the very last Technology Short Take of 2022, but I’ll be back in 2023 with more Technology Short Takes, so make sure you stay tuned! In the meantime, feel free to connect with me on Twitter or on Mastodon, or connect with me in any one of the various Slack communities where I’m active (the Kubernetes and Pulumi Slack communities are a pretty sure bet). Thanks for reading!